RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-02-16 20:07:04 +00:00
Code Issues Projects Releases Wiki Activity

matroskadec: Check EBML lace sizes.

Browse Source 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2013-04-04 15:39:23 +02:00
parent 115c3bc41f
commit 3b93bea9e3
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libavformat/matroskadec.c
View File

@ -2027,10 +2027,10 @@ static int matroska_parse_laces(MatroskaDemuxContext *matroska, uint8_t **buf,
uint64_t num;
uint64_t total;
n = matroska_ebmlnum_uint(matroska, data, size, &num);
if (n < 0) {
if (n < 0 || num > INT_MAX) {
av_log(matroska->ctx, AV_LOG_INFO,
"EBML block data error\n");
res = n;
res = n<0 ? n : AVERROR_INVALIDDATA;
break;
}
data += n;
@ -2040,10 +2040,10 @@ static int matroska_parse_laces(MatroskaDemuxContext *matroska, uint8_t **buf,
int64_t snum;
int r;
r = matroska_ebmlnum_sint(matroska, data, size, &snum);
if (r < 0) {
if (r < 0 || lace_size[n - 1] + snum > (uint64_t)INT_MAX) {
av_log(matroska->ctx, AV_LOG_INFO,
"EBML block data error\n");
res = r;
res = r<0 ? r : AVERROR_INVALIDDATA;
break;
}
data += r;